CVE-2021-29377

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1730%

EPSS Percentile39.74th

Published2021年8月12日

Last Modified2024年11月21日

Vulnerability Description

Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerability that allows attackers to execute arbitrary code remotely. A .php file can be uploaded via admin.php/index/upload because app/common/service/UploadService.php mishandles fileExt.

Affected Platforms (CPE)

📦

Pearadmin

Pearadmin Think

<= 2.1.2

References & Advisories

🔗 https://gitee.com/pear-admin/Pear-Admin-Think/issues/I3DI3T

相关漏洞威胁

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are ...

CVE-2026-477507.8

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and mo...

CVE-2026-477477.8

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and mo...

CVE-2026-464485.4

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement a...